Legal claims defining the scope of protection, as filed with the USPTO.
1. A method comprising: accessing data representing a plurality of plaintext values having a plurality of ranges, wherein the plurality of plaintext values are associated with an attribute category, the plurality of plaintext values correspond to a collection of numbers for the attribute category, the plurality of ranges correspond to different ranges of numbers of the collection of numbers, and the collection of numbers has a statistical property; and determining a plurality of pseudonym values corresponding to the plurality of plaintext values and preserving the statistical property, wherein a first pseudonym value of the plurality of pseudonym values for a first plaintext value of the plurality of plaintext values is associated with a first range of the plurality of ranges, wherein determining the first pseudonym value of the plurality of pseudonym values comprises encrypting the first plaintext value of the plurality of plaintext values to provide the first pseudonym value, wherein the encrypting of the first plaintext value is controlled to cause the first pseudonym value to be within the first range and the encrypting of the plaintext value is tweaked based on an attribute associated with the first plaintext value.
2. The method of claim 1 , wherein determining the plurality of pseudonym values further comprises: performing a succession of encryption iterations comprising an initial encryption iteration and a last encryption iteration, and designating a given iteration of the succession of encryption iterations to be the last encryption iteration in response to the given iteration providing a ciphertext value within the first range.
3. The method of claim 2 , wherein the initial encryption iteration determines a first ciphertext value based on the first plaintext value, and each subsequent encryption iteration of the succession of encryption iterations after the initial encryption iteration determines a ciphertext value based on a ciphertext value determined in an encryption iteration of the encryption iterations preceding the each subsequent encryption iteration.
4. The method of claim 1 , wherein the encrypting is tweaked further based on an index associated with the first plaintext value.
5. The method of claim 1 , wherein determining the plurality of pseudonym values further comprises: encrypting a second plaintext value of the plurality of plaintext values to provide a second pseudonym value; controlling the encrypting of the second plaintext value to cause the second pseudonym value to be within the first range; and tweaking the encrypting of the second plaintext value based on attributes associated with the second plaintext value.
6. The method of claim 1 , wherein encrypting the first plaintext value comprises performing format preserving encryption.
7. The method of claim 1 , wherein the plurality of ranges comprises non-overlapping ranges.
8. The method of claim 1 , further comprising: decrypting the first pseudonym value based on the attribute to recover the first plaintext value.
9. The method of claim 1 , wherein the encrypting is tweaked further based on a name or an address associated with the first plaintext value.
10. The method of claim 1 , wherein tweaking the encrypting comprises selecting a permutation of a cipher used in the encrypting based on the attribute.
11. A non-transitory storage medium storing instructions that, when executed by a machine, cause the machine to: access first data representing a plurality of plaintext values having a plurality of ranges, wherein the plurality of plaintext values are associated with an attribute category, the plurality of plaintext values correspond to a collection of numbers for the attribute category, the plurality of ranges correspond to different ranges of numbers of the collection of numbers, and the collection of numbers has a statistical property; and generate second data representing a plurality of pseudonym values corresponding to the plurality of plaintext values and preserving the statistical property, wherein a first pseudonym value of the plurality of pseudonym values for a first plaintext value of the plurality of plaintext values is associated with a first range of the plurality of ranges, wherein determining the first pseudonym value comprises encrypting the first plaintext value to provide the first pseudonym value, and wherein the encrypting is controlled to cause the first pseudonym value to be within the first range and the encrypting is tweaked based on an attribute associated with the first plaintext value.
12. The storage medium of claim 11 , wherein the statistical property comprises a mean of the collection of numbers.
13. The storage medium of claim 11 , wherein the plurality of pseudonym values has a random distribution.
14. The storage medium of claim 11 , wherein the attribute comprises an age, a zip code, a name or an index.
15. The storage medium of claim 11 , wherein: each plaintext value of the plurality of plaintext values is associated with an index value; the index values are within an index range; and the instructions, when executed by the machine, further cause the machine to, for the first plaintext value: divide the index range by the index value associated with the first plaintext value to determine a remainder; and wherein the encrypting is controlled based on the remainder to determine the first pseudonym value.
16. An apparatus comprising: at least one processor; and a memory to store instructions to, when executed by the at least one processor, cause the at least one processor to: access data representing a plurality of plaintext values having a plurality of ranges, wherein the plurality of plaintext values are associated with an attribute category, the plurality of plaintext values correspond to a collection of numbers for the attribute category, the plurality of ranges correspond to different ranges of numbers of the collection of numbers, and the collection of numbers has a statistical property; and determining a plurality of tokens corresponding to the plurality of plaintext values and preserving the statistical property, wherein a first token of the plurality of tokens for a first plaintext value of the plurality of plaintext values is associated with a first range of the plurality of ranges, wherein determining the first token comprises encrypting the first plaintext value to provide the first token, wherein the encrypting is controlled to cause the first token to be within the first range of the plurality of ranges and the encrypting is tweaked based on an attribute associated with the first plaintext value.
17. The apparatus of claim 16 , wherein the instructions, when executed by the at least one processor, further cause the at least one processor to select an encryption permutation of a plurality of encryption permutations of a block cipher based on the attribute.
18. The apparatus of claim 16 , wherein the instructions, when executed by the at least one processor, further cause the at least one processor to perform format preserving encryption to generate the plurality of tokens.
19. The apparatus of claim 16 , wherein, for each range of the plurality of ranges, a total number of plaintext values of the plurality of plaintext values within the range is the same as a total number of tokens of the plurality of tokens within the range.
20. The apparatus of claim 16 , wherein for at least one range of the plurality of ranges, plaintext values of the plurality of plaintext values within the range have less entropy than the tokens of the plurality of tokens within the range.
Unknown
August 31, 2021
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.